Contemporaneous gesture and keyboard entry authentication

ABSTRACT

A restricted access device such as a cellphone, a tablet or a personal computer, analyzes contemporaneous keyboard inputs of a password and gestures to authenticate the user and enable further access to applications and processes of the restricted access device. The gestures may be facial gestures detected by a camera or may be gestures made by an avatar rendered on a display of the device. The password may be shorted based upon the context of the authentication as well as any gestures occurring during password entry. The gestures may be learned by the restricted access device during the password entry process.

BACKGROUND

The present description generally relates to access restricted devicesand more particularly to enabling access based upon simultaneouskeyboard entries and gestures.

Access restricted devices may use a password entry upon a keyboard toenable increased access to the device. Increased access includesunlocking the device, allowing a user access to the applications,processes and resources associated with a device. Such devices includecell phones, tablets, laptops, and computers. Still other methods ofenabling access to a device include a gesture or a match of biometricidentification such as a fingerprint or rental scan.

SUMMARY

The description includes a method comprising enabling increased accessto a restricted access device based upon a gesture eventcontemporaneously occurring while receiving a predetermined keyboardentry from a user accessing the restricted access device.

The description also includes a restricted access device comprising: akeyboard processing module for receiving a keyboard input signal from akeyboard having a plurality of keys for receiving a keyboard entry anddetermining the keyboard entry corresponds to a password; a gestureprocessing module for processing a gesture input signal from a gesturedetector for detecting a gesture event and for determining the gestureevent corresponds to a predetermined gesture event; and an accesscontroller coupled to the keyboard processing module and the gestureprocessing module for increasing access to the restricted access devicebased upon the determining of the gesture event occurringcontemporaneously with the password.

The description also includes a non-transitory computer program productcomprising a storage medium readable by a processing circuit and storinginstructions for execution by the processing circuit of an applicationserver for performing a method comprising enabling increased access to arestricted access device based upon a gesture event contemporaneouslyoccurring while receiving a predetermined keyboard entry from a useraccessing the restricted access device.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

The accompanying figures wherein reference numerals refer to identicalor functionally similar elements throughout the separate views, andwhich together with the detailed description below are incorporated inand form part of the specification, serve to further illustrate variousembodiments and to explain various principles and advantages all inaccordance with the present description, in which:

FIG. 1A through FIG. 1D illustrate an example of contemporaneous gestureand keyboard entry authentication by a user for increasing access to arestricted access device;

FIG. 2 illustrates a contemporaneous gesture by an avatar and keyboardentry by a user for increasing access to a restricted access device;

FIG. 3 illustrates an example block diagram of device forcontemporaneous gesture and keyboard authentication; and

FIG. 4 illustrates an example of a flow diagram of a process forcontemporaneous gesture and keyboard entry authentication.

DETAILED DESCRIPTION

As required, detailed embodiments are disclosed herein; however, it isto be understood that the disclosed embodiments are merely examples andthat the systems and methods described below can be embodied in variousforms. Therefore, specific structural and functional details disclosedherein are not to be interpreted as limiting, but merely as a basis forthe claims and as a representative basis for teaching one skilled in theart to variously employ the present subject matter in virtually anyappropriately detailed structure and function. Further, the terms andphrases used herein are not intended to be limiting, but rather, toprovide an understandable description of the concepts.

The description of the present disclosure has been presented forpurposes of illustration and description, but is not intended to beexhaustive or limited in the form disclosed. Many modifications andvariations will be apparent to those of ordinary skill in the artwithout departing from the scope of the description. The embodiment waschosen and described in order to best explain the principles of thedescription and the practical application, and to enable others ofordinary skill in the art to understand the description for variousembodiments with various modifications as are suited to the particularuse contemplated.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the description.As used herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise.

The terms “comprises” and/or “comprising,” specify the presence ofstated features, steps, operations, elements, and/or components, but donot preclude the presence or addition of one or more other features,integers, steps, operations, elements, components, and/or groupsthereof.

Disclosed is a password-entry system on a mobile, or other, device (e.g.tablet computer or smart phone) that uses a simultaneous facial gestureto affect the nature of the text password. For example, a portion of thealphanumeric password may need to be entered while the facial gesture isa smile, but the last character of the password needs to be enteredwhile the facial gesture is not a smile. This increases security for agiven number of input characters. Extensions include virtual universeswhere alphanumeric passwords depend upon avatar facial expression and/orgestures.

User password entry, using real or virtual keys, may be cumbersome on amobile device, or other device. By combining facial expression orgesture (e.g. smile) with text password entry, a user may have a moresecure password for a given number of key selections. Contemporaneousfacial gestures during password entry may also thwart “shoulder surfing”where another looks over the shoulder of a user during password entry tosteal a password. It may further deter theft if a potential burglarknows that password entry is difficult due to requirements with respectto contemporaneous facial gestures.

Combining facial gestures (e.g. smile, blink, frown, open mouth, closedmouth) with password entry, a user may have a more secure password for agiven number of key selections. For example, consider a passwordconsisting of 6 characters: c1, c2, c3, c4, c5, and c6. As an example,if c5 was dependent on facial gesture, then the number of possibilitiesnow is expanded to include: c1, c2, c3, c4, c5 (contemporaneoussmile/frown), and c6. This provides an additional security feature. Theuser's password cannot be easily guessed or hacked since thedevice/application/files are not accessible if the password entry is notsimultaneously accompanied by the appropriate facial gesture orexpression during the alphanumeric entry password process. Many devicesare equipped with cameras, thus facilitating this implementation.

A combination of letters and facial gesture may be hashed with a privatekey. The facial gesture may often be hidden and undetectable unlesswatching a person enter the password. This may be implemented with twodifferent authentication streams by two different servers. For example,on a second authentication server, the key before and after was X, andthe user smiled. Facial gesture and text are combined as a function of aprivate key.

Note that this invention may have a human-accessibility aspect in thatthe number of typed characters may be reduced. In one example thereduction may be for someone with hand-control deficits but who retainsfacial or other motor control. For example, instead of eight characters,a user with motor deficit or painful hand muscles may only now need toenter four characters, with contemporaneous facial gestures detected bya camera that is already in a user's device. Note also that for thepurpose of accessibility (e.g. a blind user, stroke victim, etc.), in arelated embodiment, the combination of letters and gestures need notinvolve facial expressions but may involve some other type of gesturemovement over which a user may have adequate control. For example, ahand motion, speaking a certain word while pressing a key, or some othertype of movement or gesture that may be made contemporaneously, or atthe same time a key or password is selected. In addition, to protect auser who may not be fully aware that someone else is nearby and“shoulder surfing” in an attempt to observe password entry and steal thepassword, verbal or other cues or gestures may guard againstmisappropriating the password.

In another example, an animation of facial gestures may be used, in amanner similar as described for the static facial gestures, to providean additional variable for alphanumerical password entry. For example,the password of “robot” may require a fast or slow pursing of the lips(which may be represented as sinusoidal amplitude through time) duringthe entry of the letter “t” to enter unlock the corresponding process orapplication. Filters may be applied to the facial gesture animationsignal so as to filter out spurious noise and to make it easier forusers to enter facial patterns, such as “fast” versus “slow” smileoscillations. Additionally, a contemporaneous input of a user's voicesuch as a tone, whistle, exhalation noise, or song (sung or hummed) maybe employed either as a gesture or in combination with a static oranimated facial gesture, as an extra layer of security.

Context, including authentication setting and time of day may also beused in relation to the authentication system. Additionally, for reasonsof safety, this password may have additional advantages. For example,the facial gesture may be used only during certain times of day or incertain settings, such as driving. The device may either be configuredto accept these alternate passwords in these settings, or the user mayhave an alternate password entry method available. For example, in theunexpected event that the setting is not secure for facial gesturepasswords, where other may observe these gestures the alternate gesturesmay be used. For example, a user who is driving can enter keystrokes c1,c2, c3, followed by a facial gesture combined with c4, thus providing apassword with fewer alphanumeric keystrokes and a margin of safety. Inanother example, the user may enter the full password using onlyalphanumeric key strokes c1, c2, c3, c4, c5, c6 in a restaurant. Thisaffords the user a simpler and safer entry method while driving, and amore secure entry method while in a public place. Furthermore, certainmappings may be set by the user from certain key combinations ontocertain facial gestures for the purpose of entering a password. Forexample, “sm” may correspond to the characters c5 and c6 in the user'spassword, and the user may have mapped these to a smile facial gesture.This mapping then provides for entering text using facial gestures.

Also described is a password entry device able to learn thecorrespondence between certain key combinations and certain facialgestures over time, where a user may “teach” the system that, forexample, “sm” corresponds to the smile gesture by smiling whenever “sm”is entered. After several times entering the full password in this way,the system may automatically permit or inquire of a user to whether theshortened password with a smile during the entry of c5 and c6 as analternate password. Similarly, the password entry device may optionallylearn the correspondence between vocal output (e.g. humming of certainsongs) and certain key combinations of facial gestures over time. Thesystem may automatically permit a user to hum a song as a shortenedpassword but only in familiar surroundings such as their home, asindicated by a GPS reading on their smartphone, while requiring fullermulti-modal password entry in new locations.

The current invention does not involve the positive identification of anindividual and is therefore not a biometric invention. Thus, thedisclosure has potential advantages when a device is shared betweenmultiple individuals, such as a home theater system with a passwordprotected movie purchasing feature. In this setting, any of severalusers may want to enable a password protected movie. Common facinggestures may be learned by anyone wishing to use the device, and may beperformed in conjunction with alphanumeric keystrokes by anyone. Thesystem authenticates by identifying a smile or a frown or other gesturein combination with a password, but not the specific biometrics uniquelyidentifying the individual face making these gestures. Access may beenabled by anyone entering the keyboard password and correspondinggestures.

Another potential advantage includes the ability for a single device tomaintain a password for different individuals who share a portion butnot all of a style of alphanumeric keyboard as their languages entrydevice. For example, a Chinese, Russian, and English speaking individualmay share a device with a password comprising only numeric keystrokesand facial gestures. This is because Arabic numbers are widely shared ondevices, and because facial gestures are universally recognized whilethe language specific alpha characters may differ widely betweenlanguages.

In a virtual universe or 3D game, in which users are represented byavatars that traverse a 3-D virtual environment, the facial gesturepasswords may make use of avatar facial expressions that arecontemporaneous with text input. For example, password entry may beaffected by facial expression of the avatar with respect to theenvironment. For example, a password of “robot” may require that theletter “b” be typed, or spoken, when the avatar has a certain facialexpression or is posed in a sitting position or is exhibiting a certainother gesture. When online financial transitions in a virtual universetake place involving substantial amounts of money, such extra securitymeasures in the virtual universe may have the advantage of being usefulin deterring the misappropriation of passwords and avoiding theconsequences.

In another example, an element of randomness may be incorporated intothe password entry. For example, the multi-factor authentication may bestrengthened using random combinations of simultaneous or sequentialpassword entry with multiple facial expressions. For example, to set upthis authentication method, the user may do the following: 1)choose/enter a unique password, 2) choose four unique facial expressions(e.g. smile, wink left eye, turn head right, open mouth), record thefour unique facial expressions. The authentication system may promptuser “in random order” to simultaneously or sequentially enter thepassword while performing one or more of the chosen facial expressions.Thus, the user authentication prompts may follow randomly selectedcombinations (changes each time user authenticates), e.g. turn headright, smile+enter password, wink left eye, and execute authentication.

In an example of a home theater implementation, different levels ofcomplexity of the password/gesture combination allow for a possiblygreater component access. For example, a simple password (4characters+smile) that allows general access to control home theatercomponents, while purchasing movies requires a more complex password (8character+minimum 3 gestures).

The description includes a user input device sensitive to gestures (e.g.a facial gesture like a smile), an alphanumeric input device such as akeyboard, and the creation of a password that simultaneously combinesthe concurrent entry of the facial gesture and alphanumeric input. Thedevice includes any of: phone, computer, e-book, tablet computer,camera, smart wallet, smart card, watch. The alphanumeric deviceincludes any of: real keyboard, virtual keyboard, pointer, speechsystem, gesture recognizer, or a virtual tablet in a virtual world. Thefacial gesture may be animated (e.g. an oscillation of a smile and afrown for 1 second). The user may be represented in a virtual universe,and the password entry is affected by avatar facial gesture or avatarbody position (e.g. sitting vs. standing).

FIG. 1A through FIG. 1D illustrate an example of contemporaneous gestureand keyboard entry authentication by a user for increasing access to arestricted access device. User 100 is performing an authentication actfor increasing access to restricted access device 150. FIG. 1A showsthat a user 100 with a straight face performing a gesture 110 with onehand while entering a keystroke 120 with the other hand on keyboard 170.Device 150 also includes a camera 160 for capturing images of user 110and operates a process able to determine gestures of the user in amanner known to those familiar with the art. Device 150 includes adisplay 180 that is displaying a password entry screen, and showing thekeystroke entry 120 correspond to the third keyboard entry 190 of thepassword. For the example of this figure, the user is performing handgesture 110 while contemporaneously entering keystroke 120 on the thirdcharacter 190 of the password.

FIG. 1B shows that the user 100 is performing a second gesture 112,corresponding to a wink of an eye facial gesture, which is captured bycamera 160 and processed by device 150 while the user is entering afifth character 192 of a password as displayed on display 180. The fifthcharacter is entered upon the keyboard 170 with keystroke 122. For theexample of this figure, the user is performing winking facial gesture112 while contemporaneously entering keystroke 122 on the fifthcharacter 192 of the password.

FIG. 1C shows that the user 100 is performing a third gesture 114,corresponding to an open mouth facial gesture, which is captured bycamera 160 and processed by device 150 while the user is entering aseventh character 194 of a password as displayed on display 180. Theseventh character is entered upon the keyboard 170 with keystroke 124.For the example of this figure, the user must be performing an openmouth facial gesture 114 while entering keystroke 124 on the seventhcharacter 194 of the password.

FIG. 1D shows device 150 displaying a welcome screen on display 150 touser 100 based upon the proper entry of the password on the keyboard 170and the proper reception of gestures by camera 160. Thus, increasedaccess to a restricted access device is enabled based upon an at leastone gesture event occurring while receiving an at least onepredetermined keyboard entry from a user accessing the restricted accessdevice.

FIG. 1A through FIG. 1D show three gestures occurring at the third,fifth and seventh keystroke entries of a password in order to provideauthentication for increased access to the restricted access device. Inthis example, if the three gestures had not occurred in coincidence withthe corresponding keystrokes, the user would not be authenticated andthe increased access to the device would not be enabled. Many otherexample combinations of keystrokes and gestures may be implemented whileremaining within the scope of this description. For example, in additionto the previous examples, any gesture may be used and any keyboard maybe used. The gesture may be a facial gesture, a body gesture or anyother gesture known to those familiar with the art. Possible keyboardsinclude an alphanumeric keyboard, a numeric keyboard, a non-Englishkeyboard, or a single button. In one example a single gesture and asingle keystroke may provide increased access to the device. In anotherexample, multiple keystrokes may be required and one or more gesturesmay need to occur anywhere within the multiple keystrokes. For example,the user may need to wink at any time during entry of a multiplecharacter password. Furthermore the gesture may be a dynamic gesturerequiring several motions to complete, for example the user may needwink once with each eye or wink multiple times with one eye to performgesture. While a camera is used for gesture detection, any device ableto detect gestures is considered to be within the scope of thedescription.

FIG. 2 illustrates a contemporaneous gesture by an avatar and keyboardentry by a user for increasing access to a restricted access device.User 200 is monitoring display 280 of device 250 which is showing apassword entry screen and an avatar 210. Two characters of the passwordhave been entered and the third character 290 is being entered withkeystroke 220 in response to the avatar 210 performing a specificgesture, which in this example is similar to hand motion gesture 110. Ifthe user had entered the third keystroke while the avatar was performinganother gesture then the authentication would fail. In one example, theavatar may be substituted for the camera of FIG. 1. In this example,user 100 could only enter keystrokes 120, 122 and 124 when avatar wasperforming gestures similar to gestures 110, 112 and 114. One potentialadvantage of this example is the elimination of a need for camera 160.In another example, the avatar may be a participant in a virtual worldwhere the avatar, through the user, seeks restricted access tocomponents of the virtual world, such as access to currency forcompleting a purchase transaction.

FIG. 3 illustrates an example block diagram of device forcontemporaneous gesture and keyboard authentication. Device 350 includesa gesture detector 360 which may be a camera, an optical transceiver, anoptical array, a touch pad, a touchscreen, a motions sensing glove,article of clothing, a microphone, a piece of furniture or other systemfor detecting gestures by the user. Signals from gesture detector 360are processed by gesture processing module 362 which determines gesturesin a manner know to those familiar with the art. Keystrokes are receivedas keyboard entries on keyboard 370, which may be comprised ofmechanical switches or buttons or a virtual keyboard implemented in anynumber of ways including a touchscreen such as those found ontouchscreen cellphones and tablets. Keyboard processing module 372processes keyboard entry keystrokes from keyboard 372. Access controller374 receives processed gestures from gesture processing module 362 andkeyboard entries from keyboard processing module 372 and compares theprocessed gesture with a predetermined gesture event associated with thekeyboard entries and determines if an appropriate authentication hasbeen received as described herein. If so, processor 376 is enabled toprovide increased access to applications and processes 378 of device 350that would otherwise be restricted. The user interacts with the deviceusing display 380 as feedback during password entry via the keyboard andto interact with applications and processes of the device in a mannerknown to those familiar with the art. It should be appreciated that someprocesses and applications 378 may be available to the user withoutauthentication such as power on/off control and use of a camera oremergency call on a cell phone. Examples of restricted accessapplications and processes may include internet access, word processingapplications, and calendar and timer processes, to name a few. Anydivision between restricted and unrestricted applications and processesare considered to be within the scope of this description.

It should be further appreciated that any portion or combination of theprocesses, controls and modules of FIG. 3 can be implemented in anon-transitory computer programming product comprising a storage mediumreadable by a processing circuit and storing instructions for executionby the processing circuit of an application server for performing amethods described here.

FIG. 4 illustrates an example of a flow diagram of a process forcontemporaneous gesture and keyboard entry authentication. In step 402the authentication process is initiated. The authentication processincludes any entry process that requires entry of predetermined keyboardentry password and gestures to enable increased access to deviceresources including applications and processes. Step 404 determines ifan appropriate keyboard entry has been received. If not, then step 418does not increase access to the restricted access device. This stepdetects if an improper key of the keyboard is pressed during entry of apassword. If correct, then step 406 determines if an appropriate gestureis contemporaneously occurring. The appropriate gesture may be anypredefined gesture and may occur during entry of a specific character ofthe keyboard entry of a password, or may occur any time before aspecific keyboard entry of the password, depending upon the designer'schosen implementation. Note that a gesture is not user specific andbiometric information specific to or indicative of the user is notnecessary. For example, if the gesture is a wink of an eye, then anyperson winking their eye may make the gesture, the wink is not requiredto be made from a specific person having biometric characteristicsmatching specific biometric data.

If the appropriate gesture is required and has not occurred, then step418 executes and access to the restricted access device is notincreased. Step 408 determines the context of the authentication entryif the appropriate gesture was received (of if no gesture was receivedif none was required at the keystroke of step 404). Depending upon thecontext, as shortened password may be enabled. For example if the deviceis a cellphone, then a shortened password may be enabled when thecontext is operation within a moving vehicle, while a standard orlengthened password may be required when the device is stationary or atcertain times of day. The lengthened password may or may not require acontemporaneous gesture. For the purposes of this description, allcontext variable passwords are considered to be within the scope of thisdescription. In other examples, shortened passwords may always beenabled or always disabled, independent of the context. In anotherexample, a longer password may require no gestures, while a shortenedpassword may be utilized if an appropriate gesture or gestures areprovided during entry of a first portion of the password.

If a shortened password is to be considered, then step 412 determines ifenough keyboard entries have been made for a shortened password. Forexample, a device may require a twelve character password if noappropriate gestures were received and a seven character password (theseven characters may be considered the first portion of the twelvecharacter password or a first password with the twelve characters beinga second password) with three gestures at appropriate keystrokes asshown in FIG. 1. If the shortened password is enabled and if enoughkeyboard entries have been received for the shortened password in step412, then step 416 enables increased access to the device. Else, step414 determines if enough keyboard entries have been received for a fullpassword, and if so step 416 enables increased access to the device.

If not enough entries are received at step 414 then optional steps420-426 are executed prior to returning to step 404 to receive anotherkeyboard entry. Steps 420-426 enable leaning of gestures either forenhanced authentication security or for a shortened password or forboth. In other examples, the context of the authentication may also belearned for use in later executions of step 408. Step 420 determines ifany gesture has been associated with this keyboard entry. For example,the user could be winking during the keyboard entry. If so, then datafrom one or more prior authentications are examined to determine if thegesture had occurred previously at this keyboard entry at step 422. Ifso, then step 424 associates the gesture with the keyboard entry toeither enhance the security of the authentication process or to enableshortening of the authentication process. Step 426 then enablesshortening of the password as previously described. Additional user ordevice administrator input may be required to enable the process ofsteps 420-426 and to select between a shortened password or an enhancedauthentication or both.

The description herein describes a method comprising enabling increasedaccess 426 to a restricted access device 150 based upon a gesture event110 occurring while receiving a predetermined keyboard entry 120 from auser accessing the restricted access device. The enabling is independentof biometric information indicative of the user. The gesture event maybe a facial gesture 112, 114 received from the user. The gesture eventmay include at least one of a hand gesture 110 and a spoke utterancereceived from the user. The restricted access device 250 may include adisplay 280 and the gesture event 210 may be a gesture made by an avatarrendered on the display by the restricted access device. The gestureevent may include a facial gesture received from the user, the facialgesture including at least one of a smile, a frown, a blink, a wink, anopen mouth and a closed mouth made by the user performing the keyboardentry. In another example, the gesture event may be an animated facialgesture received from the user, the animated facial gesture may includean at least one change from at least one of a smile, a frown, a straightface, a blink, a wink, an open mouth and a closed mouth to at least oneof a smile, a frown, a blink, a wink, an open mouth and a closed mouth,the predetermined keyboard entry may include a password requiringmultiple keyboard activations, and the gesture event may occur between afirst keyboard activation and a last keyboard activation of thepassword. The number of keyboard activations in the password may beincreased, 414, based upon the gesture event not being received. Inanother example, the predetermined keyboard entry may include a passwordrequiring multiple keyboard activations 190, 192, 194, the gesture eventmay include at least a first gesture 110 and a second gesture 112received from the user, and the enabling enables the increased access416 based upon the first gesture 110 being received during apredetermined keyboard activation 120 of the password and the secondgesture 112 being received during a another predetermined keyboardactivation 122 of the password. In another example, an operationalcontext of the restricted access device may be determined 408; and thenumber of keyboard activations in the password and a number of gesturesin the gesture event may be modified 410 based upon the operationalcontext. In another example a received gesture event 406 is receivedwhile receiving a keyboard entry 404 at the restricted access device;and the password may be shortened 426, wherein the enabling is basedupon the received gesture event and the shortened password.

In another example, the description provides a restricted access device350 comprising a keyboard processing module 372 for receiving a keyboardinput signal from a keyboard 370 having a plurality of keys forreceiving a keyboard entry and determining the keyboard entry tocorrespond to a password, and a gesture processing module 362 forprocessing a gesture input signal from a gesture detector 360 fordetecting a gesture event and for determining the gesture eventcorresponds to a predetermined gesture event; and an access controller374 coupled to the keyboard processing module 372 and the gestureprocessing module 362 for increasing access 416 to the restricted accessdevice based upon the determining of the gesture event occurringcontemporaneously with the password. The restricted access device mayfurther comprise the keyboard 370 and the gesture detector 360comprising a camera 160 for capturing an image of a face of user 100operating the keyboard and performing a facial gesture event, whereinthe access controller 374 further includes a facial gesture detector andthe predetermined gesture event corresponds to a predetermined facialgesture event by the user, thereby increasing access to the restrictedaccess device based upon a user operating the keyboard to enter thepassword while contemporaneously performing a facial gesture. In anotherexample, the keyboard processing module further determines the keyboardentry to correspond to a second password having a first portion and asecond portion, the first portion corresponding the password. The accesscontroller further increases access to the restricted access devicebased upon the second password and an absence of the gesture eventcorresponding to the predetermined gesture. In another example, thepredetermined keyboard entry includes a password requiring multiplekeyboard activations, the gesture event includes at least a firstgesture and a second gesture received from the user, and the enablingenables the increased access based upon the first gesture being receivedduring a predetermined keyboard activation of the password and thesecond gesture being received during a another predetermined keyboardactivation of the password.

In another example, a non-transitory computer program product comprisesa storage medium readable by a processing circuit and storinginstructions for execution by the processing circuit of an applicationserver for performing a method comprising enabling increased access to arestricted access device based upon a gesture event occurring whilecontemporaneously receiving a predetermined keyboard entry from a useraccessing the restricted access device. The gesture event may be ananimated facial gesture received from the user, the animated facialgesture including an at least one change from at least one of a smile, afrown, a straight face, a blink, a wink, an open mouth and a closedmouth to at least one of a smile, a frown, a blink, a wink, an openmouth and a closed mouth. The predetermined keyboard entry includes apassword requiring multiple keyboard activations, and the gesture eventoccurs between a first keyboard activation and a last keyboardactivation of the password. The method may further comprise increasing anumber of keyboard activations in password requiring multiple keyboardactivations based upon the gesture event not being received.

The present invention may be a system, a method, and/or a computerprogram product. The computer program product may include a computerreadable storage medium (or media) having computer readable programinstructions thereon for causing a processor to carry out aspects of thepresent invention.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, or either source code or object code written in anycombination of one or more programming languages, including an objectoriented programming language such as Java, Smalltalk, C++ or the like,and conventional procedural programming languages, such as the “C”programming language or similar programming languages. The computerreadable program instructions may execute entirely on the user'scomputer, partly on the user's computer, as a stand-alone softwarepackage, partly on the user's computer and partly on a remote computeror entirely on the remote computer or server. In the latter scenario,the remote computer may be connected to the user's computer through anytype of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).In some embodiments, electronic circuitry including, for example,programmable logic circuitry, field-programmable gate arrays (FPGA), orprogrammable logic arrays (PLA) may execute the computer readableprogram instructions by utilizing state information of the computerreadable program instructions to personalize the electronic circuitry,in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the block may occur out of theorder noted in the figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

The description of the present application has been presented forpurposes of illustration and description, but is not intended to beexhaustive or limited to the description in the form disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope of the description. Theexample was chosen and described in order to best explain the principlesof the description and the practical application, and to enable othersof ordinary skill in the art to understand the description for variousexamples with various modifications as are suited to the particular usecontemplated.

What is claimed is:
 1. A method comprising: enabling increased access toa restricted access device based upon a gesture event occurring whilereceiving a predetermined keyboard entry from a user accessing therestricted access device, wherein the predetermined keyboard entryincludes a password requiring multiple keyboard activations and, thegesture event occurs between a first keyboard activation and a lastkeyboard activation of the password and the gesture event is a facialgesture received from the user, the facial gesture including at leastone of a smile, a frown, a blink, a wink, an open mouth and a closedmouth made by the user performing the predetermined keyboard entry,wherein the gesture event is an animated facial gesture received fromthe user, the animated facial gesture including an at least one changefrom at least one of a smile, a frown, a straight face, a blink, a wink,an open mouth and a closed mouth to at least one of a smile, a frown, ablink, a wink, an open mouth and a closed mouth; and increasing a numberof keyboard activations in the password based upon the gesture event notbeing received.
 2. The method according to claim 1 wherein the enablingis independent of biometric information indicative of the user.
 3. Themethod according to claim 2 wherein the gesture event includes at leastone of a hand gesture and a spoke utterance received from the user. 4.The method according to claim 2 wherein the restricted access deviceincludes a display and the gesture event is a gesture made by an avatarrendered on the display by the restricted access device.
 5. The methodaccording to claim 1 wherein the gesture event includes at least a firstgesture and a second gesture received from the user, and the enablingenables the increased access based upon the first gesture being receivedduring a predetermined keyboard activation of the password and thesecond gesture being received during a another predetermined keyboardactivation of the password.
 6. The method according to claim 1 furthercomprising the step of: determining an operational context of therestricted access device; and modifying at least one of a number ofkeyboard activations and a number of gestures in the gesture event basedupon the operational context.
 7. The method according to claim 1comprising the steps of: receiving a received gesture event whilereceiving a keyboard entry at the restricted access device; andshortening the password to correspond to the predetermined keyboardentry, wherein the enabling is based upon the received gesture event andthe shortened password.
 8. A restricted access device comprising: amemory; a display; a keyboard; a keyboard processor module, a gestureprocessing module, and an access controller in communication with saidmemory, said display, and said keyboard; the keyboard processing modulefor receiving a keyboard input signal from a keyboard having a pluralityof keys for receiving a keyboard entry and determining the keyboardentry corresponds to a password; the gesture processing module forprocessing a gesture input signal from a gesture detector for detectinga gesture event and for determining the gesture event corresponds to apredetermined gesture event and the gesture event is a facial gesturereceived from a user, the facial gesture including at least one of asmile, a frown, a blink, a wink, an open mouth and a closed mouth madeby the user performing the keyboard entry; and an access controllercoupled to the keyboard processing module and the gesture processingmodule for increasing access to the restricted access device based uponthe determining of the gesture event occurring contemporaneously withthe password, and the gesture event occurs between a first keyboardactivation and a last keyboard activation of the password, wherein thepassword requires multiple keyboard activations, the gesture eventincludes at least a first gesture and a second gesture, and the accesscontroller increases the access based upon the first gesture beingreceived during a first predetermined keyboard activation of thepassword and the second gesture being received during anotherpredetermined keyboard activation of the password.
 9. The restrictedaccess device according to claim 8 further comprising: the keyboard; andthe gesture detector comprising a camera for capturing an image of aface of a user operating the keyboard and performing a facial gestureevent, wherein the access controller further includes a facial gesturedetector and the predetermined gesture event corresponds to apredetermined facial gesture event by the user, thereby increasingaccess to the restricted access device based upon the user operating thekeyboard to enter the password while contemporaneously performing afacial gesture.
 10. The restricted access device according to claim 8wherein: the keyboard processing module further for determining thekeyboard entry to correspond to a second password having a first portionand a second portion, the first portion corresponding the password, theaccess controller further increasing access to the restricted accessdevice based upon the second password and an absence of the gestureevent corresponding to the predetermined gesture event.
 11. Anon-transitory computer program product comprising: a storage mediumreadable by a processing circuit and storing instructions for executionby the processing circuit of an application server for performing amethod comprising: enabling increased access to a restricted accessdevice based upon a gesture event occurring while receiving apredetermined keyboard entry from a user accessing the restricted accessdevice, wherein the predetermined keyboard entry includes the passwordrequiring multiple keyboard activations, and the gesture event occursbetween a first keyboard activation and a last keyboard activation of apassword and the gesture event is a facial gesture received from theuser, the facial gesture including at least one of a smile, a frown, ablink, a wink, an open mouth and a closed mouth made by the userperforming the predetermined keyboard entry wherein the gesture event isan animated facial gesture received from the user, the animated facialgesture including an at least one change from at least one of a smile, afrown, a straight face, a blink, a wink, an open mouth and a closedmouth to at least one of a smile, a frown, a blink, a wink, an openmouth and a closed mouth; and increasing a number of keyboardactivations in the password requiring multiple keyboard activationsbased upon the gesture event not being received.
 12. The non-transitorycomputer programming product according to claim 11 wherein the enablingis independent of biometric information indicative of the user.
 13. Thenon-transitory computer programming product according to claim 11wherein the gesture event includes at least one of a hand gesture and aspoke utterance received from the user.
 14. The non-transitory computerprogramming product according to claim 11 wherein the restricted accessdevice includes a display and the gesture event is a gesture made by anavatar rendered on the display by the restricted access device.
 15. Thenon-transitory computer programming product according to claim 11wherein the gesture event includes at least a first gesture and a secondgesture received from the user, and the enabling enables the increasedaccess based upon the first gesture being received during apredetermined keyboard activation of the password and the second gesturebeing received during a another predetermined keyboard activation of thepassword.
 16. The non-transitory computer programming product accordingto claim 11 further comprising the step of: determining an operationalcontext of the restricted access device; and modifying at least one of anumber of keyboard activations and a number of gestures in the gestureevent based upon the operational context.
 17. The non-transitorycomputer programming product according to claim 11 further comprisingthe steps of: receiving a received gesture event while receiving akeyboard entry at the restricted access device; and shortening thepassword to correspond to the predetermined keyboard entry, wherein theenabling is based upon the received gesture event and the shortenedpassword.